Identity-Based Microsegmentation Guide
LAST UPDATED: October 8, 2021

Integration resources

integration/app

App

Represents an application that can be installed.

Example

{
  "beta": false,
  "name": "the name"
}

Relations

GET /apps

Retrieves the list of apps.

Parameters:

  • name (string): internal parameter.
  • q (string): Filtering query. Consequent q parameters will form an or.

Attributes

beta [read_only]

Type: boolean

Set to true to indicate that the app is in a beta version.

categoryID [read_only]

Type: string

Category ID of the app.

description [max_length=1024]

Type: string

Description of the object.

icon [read_only]

Type: string

Contains a base64-encoded image for the app.

latestVersion

Type: string

Represents the latest version available of the app.

longDescription

Type: string

Contains a more detailed description of the app.

name [required,max_length=256]

Type: string

Name of the entity.

steps

Type: []uistep

List of steps that contain parameters.

title

Type: string

Represents the title of the app.

Category

Allows you to categorize services.

Example

{
  "name": "the name"
}

Attributes

ID [identifier,autogenerated,read_only]

Type: string

Identifier of the object.

description [max_length=1024]

Type: string

Description of the object.

name [required,max_length=256]

Type: string

Name of the entity.

InstalledApp

Represents an installed application.

Example

{
  "additionalConfiguration": false,
  "checkPublicEndpoint": false,
  "name": "the name",
  "protected": false,
  "status": "Unknown"
}

Relations

GET /installedapps

Retrieves the list of installed apps.

Parameters:

  • tag (string): List of tags to filter on. This parameter is deprecated.
  • q (string): Filtering query. Consequent q parameters will form an or.
POST /installedapps

Installs a new app.

DELETE /installedapps/:id

Deletes the application with the given ID.

Parameters:

  • q (string): Filtering query. Consequent q parameters will form an or.
GET /installedapps/:id

Retrieves the application with the given ID.

PUT /installedapps/:id

Updates the application with the given ID.

GET /installedapps/:id/logs

Returns the logs for an application.

Attributes

ID [identifier,autogenerated,read_only]

Type: string

Identifier of the object.

additionalConfiguration

Type: boolean

Additional configuration of the app is needed by the app itself.

annotations

Type: map[string][]string

Stores additional information about an entity.

associatedTags

Type: []string

List of tags attached to an entity.

categoryID [read_only]

Type: string

The category ID of the application.

checkPublicEndpoint

Type: boolean

If true, will look for the public endpoints and store them as annotations in the installed app.

createTime [autogenerated,read_only]

Type: time

Creation date of the object.

currentVersion

Type: string

Version of the installed application.

externalWindowButton

Type: map[string]string

Adds a button in the UI.

name [required,max_length=256]

Type: string

Name of the entity.

namespace [autogenerated,read_only]

Type: string

Namespace tag attached to an entity.

normalizedTags [autogenerated,read_only]

Type: []string

Contains the list of normalized tags of the entities.

parameters

Type: map[string]interface{}

Contains the computed parameters to start the application.

protected

Type: boolean

Defines if the object is protected.

status [read_only]

Type: enum(Unknown | Deploying | Initializing | Running | Undeploying | Error)

Status of the application.

Default value:

"Unknown"
statusMessage [read_only]

Type: string

Reason for the status of the application.

updateTime [autogenerated,read_only]

Type: time

Last update date of the object.

Log

Retrieves the logs of a deployed application.

Relations

GET /installedapps/:id/logs

Returns the logs for an application.

Attributes

data [autogenerated,read_only]

Type: map[string]string

Contains all log data.

integration/automation

Automation

Allows you to define some JavaScript code and specify the conditions under which it should be executed.

Example

{
  "condition": "function when(m, params) { return { continue: true }}",
  "disabled": false,
  "immediateExecution": false,
  "name": "the name",
  "protected": false,
  "tokenRenew": false,
  "trigger": "Time"
}

Relations

GET /automations

Retrieves the list of automations.

Parameters:

  • q (string): Filtering query. Consequent q parameters will form an or.
POST /automations

Creates a new Automation.

DELETE /automations/:id

Deletes the automation with the given ID.

Parameters:

  • q (string): Filtering query. Consequent q parameters will form an or.
GET /automations/:id

Retrieves the automation with the given ID.

PUT /automations/:id

Updates the automation with the given ID.

GET /automations/:id/triggers

Allows a system to trigger the automation if its trigger property is set to RemoteCall.

POST /automations/:id/triggers

Allows a system to trigger the automation if its trigger property is set to RemoteCall.

Attributes

ID [identifier,autogenerated,read_only]

Type: string

Identifier of the object.

actions

Type: []string

Contains the code that will be executed if the condition is met.

annotations

Type: map[string][]string

Stores additional information about an entity.

associatedTags

Type: []string

List of tags attached to an entity.

condition

Type: string

Condition contains the code that will be executed to decide if any action(s) should be executed. Providing a condition for an automation with a “Webhook” trigger type will have no impact as the condition will not be evaluated. If no condition is defined, then the automation action(s) will be executed; this behaves akin to a condition that always succeeds.

createTime [autogenerated,read_only]

Type: time

Creation date of the object.

description [max_length=1024]

Type: string

Description of the object.

disabled

Type: boolean

Defines if the property is disabled.

entitlements

Type: _automation_entitlements

Declares which operations are allowed on which identities.

errors [autogenerated,read_only]

Type: []string

Contains the error of the last run.

events

Type: _automation_events

Contains the identity and operation an event must have to trigger the automation.

immediateExecution

Type: boolean

If set and the trigger is of type Time, the automation will be run at create or update before being scheduled.

lastExecTime [autogenerated,read_only]

Type: time

The last successful execution tine.

name [required,max_length=256]

Type: string

Name of the entity.

namespace [autogenerated,read_only]

Type: string

Namespace tag attached to an entity.

normalizedTags [autogenerated,read_only]

Type: []string

Contains the list of normalized tags of the entities.

parameters

Type: map[string]interface{}

Contains the computed parameters.

protected

Type: boolean

Defines if the object is protected.

schedule

Type: string

Specifies when to run the automation. Must be in valid CRON format. This only applies if the trigger is set to Time.

signature

Type: string

Signature to validate the authenticity of the object.

stdout [autogenerated,read_only]

Type: string

Contains the standard output of the last run.

token [autogenerated]

Type: string

Holds the unique access token used as a password to trigger the authentication. It will be visible only after creation.

tokenRenew

Type: boolean

If set to true a new token will be issued and the previous one invalidated.

trigger

Type: enum(Event | RemoteCall | Webhook | Time)

Controls when the automation should be triggered.

Default value:

"Time"
updateTime [autogenerated,read_only]

Type: time

Last update date of the object.

AutomationTemplate

Templates that can be used in automations.

Example

{
  "kind": "Condition",
  "name": "the name"
}

Relations

GET /automationtemplates

Retrieves the list of automation templates.

GET /automationtemplates/:id

Retrieves the template with the given ID.

Attributes

description [max_length=1024]

Type: string

Description of the object.

entitlements

Type: _automation_entitlements

Contains the entitlements needed for executing the function.

function

Type: string

Function contains the code.

key

Type: string

Contains the unique identifier key for the template.

kind

Type: enum(Action | Condition)

Represents the kind of template.

Default value:

"Condition"
name [required,max_length=256]

Type: string

Name of the entity.

parameters

Type: map[string]interface{}

Contains the computed parameters.

steps

Type: []uistep

Contains all the steps with parameters.

Trigger

Can be used to remotely trigger an automation.

Relations

GET /automations/:id/triggers

Allows a system to trigger the automation if its trigger property is set to RemoteCall.

POST /automations/:id/triggers

Allows a system to trigger the automation if its trigger property is set to RemoteCall.